Polymorphic malware is a secure menace for application of computer network systems because hacker can evade detection and launch stealthy attacks. In this paper, a novel enhanced automated signature generation (EASG) algorithm to detect polymorphic malware is proposed. The EASG algorithm is composed of enhanced-expectation maximum algorithm and enhanced K-means clustering algorithm. In EASG algorithm, the fixed threshold value is replaced by the decision threshold of interval area. The false positive ratio can be controlled at low level, and the iterative operations and the execution time are effectively reduced. Moreover, the centroid updating is realized by application of similarity metric of Mahalanobis distance and incremental learning. Different malware group families are partitioned by the centroid updating.
This paper presents a new algorithm for generation of attack signatures based on sequence alignment. The algorithm is composed of two parts: a local alignment algorithm-GASBSLA (Generation of Attack Signatures Based on Sequence Local Alignment) and a multi-sequence alignment algorithm-TGMSA (Tri-stage Gradual Multi-Sequence Alignment). With the inspiration of sequence alignment used in Bioinformatics, GASBSLA replaces global alignment and constant weight penalty model by local alignment and affine penalty model to improve the generality of attack signatures. TGMSA presents a new pruning policy to make the algorithm more insensitive to noises in the generation of attack signatures. In this paper, GASBSLA and TGMSA are described in detail and validated by experiments.
Antiviral software systems (AVSs) have problems in detecting polymorphic variants of viruses without specific signatures for such variants. Previous alignment-based approaches for automatic signature extraction have shown how signatures can be generated from consensuses found in polymorphic variant code. Such sequence alignment approaches required variable length viral code to be extended through gap insertions into much longer equal length code for signature extraction through data mining of consensuses. Non-nested generalized exemplars (NNge) are used in this paper in an attempt to further improve the automatic detection of polymorphic variants. The important contribution of this paper is to compare a variable length data mining technique using viral source code to the previously used equal length data mining technique obtained through sequence alignment. This comparison was achieved by conducting three different experiments (i.e. Experiments I-III). Although Experiments I and II generated unique and effective syntactic signatures, Experiment III generated the most effective signatures with an average detection rate of over 93%. The implications are that future, syntactic-based smart AVSs may be able to generate effective signatures automatically from malware code by adopting data mining and alignment techniques to cover for both known and unknown polymorphic variants and without the need for semantic (run-time) analysis.
Simultaneous bandwidth (BW) enhancement and time-delay signature (TDS) suppression of chaotic lasing over a wide range of parameters by mutually coupled semiconductor lasers (MCSLs) with random optical injection are proposed and numerically investigated. The influences of system parameters on TDS suppression (characterized by autocorrelation function (ACF) and permutation entropy (PE) around characteristic time) and chaos BW are investigated. The results show that, with the increasing bias current, the ranges of parameters (detuning and injection strength) for the larger BW (> 20 GHz) are broadened considerably, while the parameter range for optimized TDS (< 0.1) is not shrunk obviously. Under optimized parameters, the system can simultaneously achieve two chaos outputs with enhanced BW (> 20 GHz) and perfect TDS suppression. In addition, the system can generate two-channel high-speed truly physical random number sequences at 200 Gbits/s for each channel.
Antiviral software systems (AVSs) have problems in identifying polymorphic variants of viruses without explicit signatures for such variants. Alignment-based techniques from bioinformatics may provide a novel way to generate signatures from consensuses found in polymorphic variant code. We demonstrate how multiple sequence alignment supplemented with gap penalties leads to viral code signatures that generalize successfully to previously known polymorphic variants of JS.Cassandra virus and previously unknown polymorphic variants of W32.CTX/W32.Cholera and W32.Kitti viruses. The implications are that future smart AVSs may be able to generate effective signatures automatically from actual viral code by varying gap penalties to cover for both known and unknown polymorphic variants.
This paper studies the existing problems of message authentication protocols in vehicular ad hoc networks (VANETs) due to their significance in the future of commuting and transportation. Our contribution has been devoted to implementing a new protocol for VANETs so that inherent security problems in past works are resolved. Exclusive security measures have been considered for the system which protects the users against threat of any attack. The new protocol shows a great hardness guaranteed by certificate based 80 bit security which assures messages to remain confidential in any time. Also, new unprecedented features like V2X which improves system performance effectively have been instantiated. The simulation results indicate that message signature generation and verification both take place in much less time than present comparable rival protocols.
The MiSeq FGx™ Forensic Genomics System types 231 genetic markers in one multiplex polymerase chain reaction (PCR) assay. The markers include core forensic short tandem repeats (STRs) as well as identity, ancestry and phenotype informative short nucleotide polymorphisms (SNPs). In this work, the MiSeq FGx™ Forensic Genomics System was evaluated by analysing reproducibility, sensitivity, mixture identification and forensic phenotyping capabilities of the assay. Furthermore, the genotype calling of the ForenSeq™ Universal Analysis Software was verified by analysing fastq.gz files from the MiSeq FGx™ platform using the softwares STRinNGS and GATK. Overall, the performance of the MiSeq FGx™ Forensic Genomics System was high. However, locus and allele drop-outs were relatively frequent at six loci (two STRs and four human identification SNPs) due to low read depth or skewed heterozygote balances, and the stutter ratios were larger than those observed with conventional STR genotyping methods. The risk of locus and allele drop-outs increased dramatically when the amount of DNA in the first PCR was lower than 250 pg. Two-person 50:1 mixtures were identified as mixtures, whereas 100:1 and 1000:1 mixtures were not. Y-chromosomal short tandem repeats (Y-STRs) alleles were detected in the 100:1 and 1000:1 female/male mixtures. The ForenSeq™ Universal Analysis Software provided the data analyst with useful alerts that simplified the analysis of the large number of markers. Many of the alerts were due to user-defined, locus-specific criteria. The results shown here indicated that the default settings should be altered for some loci. Also, recommended changes to the assay and software are discussed.
Funding: Supported by the National 11th Five-Year-Support-Plan of China under Grant No. 2006BAH02A0407, the National Research Foundation for the Doctoral Program of Higher Education of China under Grant No. 20060614016, and the National Natural Science Foundation of China under Grant No. 60671033.
Funding: Project supported by the Sichuan Science and Technology Program, China (Grant No. 2019YJ0530), the Scientific Research Fund of Sichuan Provincial Education Department, China (Grant No. 18ZA0401), the Innovative Training Program for College Student of Sichuan Normal University, China (Grant No. S20191063609), and the National Natural Science Foundation of China (Grant No. 61205079).
Funding: All procedures performed in studies involving human participants were in accordance with the ethical standards of the Danish Ethical Committee (H-3-2012-023) and with the 1964 Helsinki declaration and its later amendments or comparable ethical standards. Samples were taken from the biobank of the Department of Forensic Medicine, University of Copenhagen (RIBVF approved by the Danish Data Protection Agency, j.no. 2002-54-1080). The Danish ethical committee waived the requirement for informed consent (H-3-2012-023).